eduroam

Last updated: 
4 days 14 hours ago
Group Manager

A place to share information on all aspects of eduroam in the UK.

Follow us on Twitter @eduroamuk - for news, interest, information, photos and fun.

Contents

Click on item and scroll down to the selected content at the bottom of the page.

Advisory: Implications of MAC address randomisation on eduroam(UK) members

Advisory: CA Certificate Validation in Android Devices (Nov 2020)

Deploying Govroam alongside eduroam

Advisory: EAP server certificate considerations (July 2020)

eduroam Visitor Access Administrator Manual - Configuration and Management

eduroam Visitor Access Portal User Manual - Creating Guest Accounts

eduroam Visitor Access User Manual - Creating Guest Accounts for Groups and SMS Events

eduroam Visitor Access Guide - UKAMF IdP Configuration Requirements

Advisory: Injection of Operator-Name at the NRPSs

Walled Garden for Onboarding User Devices to eduroam

Using eduroam Support site; Connecting to the NRPS; User on-boarding – CAT

Introducing the eduroam Support Server 2 - Networkshop45 Presentation - April 2017

Guidance document - eduroam and Safeguarding

Guidance document - Cost of Implementing eduroam

eduroam(UK) Technical Specification Summary of Recommendations Checklist

eduroam(UK) Technical Specification Summary of Requirements Checklist

eduroam(UK) Technical Specification

NHS and eduroam/shared use of wireless/govroam

ORPS in Azure - alternatives to the use of ICMP

Sending Operator Name with Cisco ISE 2.0

eduroam in Public Buildings and Spaces in City Centres

TLS 1.2 and updated RADIUS requirements

FreeRADIUS Packet Handling - examining the flow

FreeRADIUS Best Current Practice Configuration for eduroam 

Performance tweaks for RADIUS and backend authentication systems

eduroam(UK) Microsoft NPS Configuration Guide

eduroam(UK) Service Provider Assurance Tool User Guide

eduroam(UK) Service Provider Assurance Tool Phase2 Field Trial Feedback

Improving the Reliability of NPS as an Authenticator in eduroam

Advisory: Using Status Server

Advisory: Use of MD5 Certificates Deprecated in Favour of SHA-1 for RADIUS servers

Advisory: Windows Mobile 8 and Certificate Verification

NWS41 eduroam Forum presentations - TKIP, CUI, NAPTR, QoS Probe

NWS40 FreeRADIUS Demystified seminar presentation

Geant Funding available

Janet Lumen House eduroam Service Information

UK eduroam Usage Feb 2013

EAP-pwd Moving Towards a Deployable Standard

Site Finder and Service Information Directory

eduroam(UK) Technical Specification 1.3 (archived) - superseded by 1.4

eduroam User Troubleshooting Flowchart for IT Support Staff

eduroam Administrators Troubleshooting Flowchart

NAPTR Record Creation Using Microsoft Windows 2008 R2 DNS Server

eduroam Best Practice Pointers

FreeRADIUS 2 eduroam Deployment at University of Sussex

Filter by tags:

Group administrators:

Document

This guide describes the setup of the Microsoft Network Policy Server for use with eduroam in the UK. Whilst it is the key component, the Organisational RADIUS Server (ORPS) is just one element of your eduroam deployment and this guide must be read in conjunction with:

i) Implementing eduroam Roadmap https://community.ja.net/library/janet-services-documentation/implementing-eduroam-roadmap

and

Document

This document is intended for Technical managers wishing to explore the topic of safeguarding minors and vulnerable adults on eduroam, particularly in respect of users roaming away from the home campus to locations where the eduroam service provides unfiltered access to the internet. The background to the issue is considered together with an appraisal of how the key elements of eduroam support the safeguarding of users and how eduroam deployment may be tailored to suit the policy in force at the individual organisation.

Document

eduroam technical specification checklist (based on specification 1.4)

A precis of all requirements and recommendations that can be checked during deployment of eduroam at a site - or when reviewing your service or checking issues.

Please note that proxying of RADIUS accounting datagrams to the NRPS is now deprecated - and will be forbidden in the next iteration of the technical specification

Article

TLDR; most client issues are solved by ensuring that the client is configured via a deployment tool

IOS9

Apple have changed the behaviour of IOS 9 with enterprise WiFi.  It appears that if your organisation is using a certificate not natively known by the device then it will no longer accept just username/password entry and present you with a 'verify the server' option.  it just silently quits.

Document

Author - Dr Alan Buxey 27/2/2012

This document looks at how a RADIUS packet is handled within the FreeRADIUS server. This fundamental knowledge will help us to understand where and how we configure the server, where we can adjust or optimise the flow and where to start looking if things go wrong. A good starting reference point is the native configuration after installation; reassuringly, by default this should just work!